RiskTech Journal
Managing Risk, Embracing Technology
In today's dynamic business landscape, managing risk and embracing technology are essential components of sustainable success. The RiskTech Journal delivers timely insights for business leaders seeking better ways to manage risk using modern approaches and tools. Harnessing the power of technology enables businesses to optimize processes, enhance decision-making, and stay competitive in an increasingly digital world.
Browse the latest RTJ insight articles and news updates and below
The RiskTech Journal Online Subscription is a premier resource for executives and professionals focused on the intersection of risk management and technology. It provides subscribers with access to a curated collection of articles and expert insights designed to enhance risk management strategies through technological innovation. With its online format, the RiskTech Journal offers flexible access to critical information, helping leaders make informed decisions and stay competitive.
RiskTech Insight Articles
SEC's Cybersecurity Countdown: Critical Steps for Public Companies
As the December 2023 deadline looms, U.S. public companies and their third parties face a critical juncture in cybersecurity risk management. The SEC's new disclosure rules demand swift adaptation, with implications for cybersecurity practices and risk management infrastructures. The upcoming webinar, "Cyber Risk Reporting to the Board: A Step-by-Step Playbook," offers an in-depth analysis and actionable strategies for compliance.
Integrated Risk Management: The Linchpin for Bridging SEC and NYDFS Cybersecurity Regulations
In response to escalating cyber threats, regulatory bodies such as the New York State Department of Financial Services (NYDFS) and the U.S. Securities and Exchange Commission (SEC) have fortified their cybersecurity rules, presenting a complex regulatory environment for financial institutions. As entities strive to comply with the nuanced requirements of the NYDFS's updated cybersecurity regulations and the SEC's proposed rules, Integrated Risk Management (IRM) emerges as a crucial strategy, providing a unified framework to manage cybersecurity risks and regulatory compliance effectively.
Leveraging IRM for Comprehensive Risk Assessments in Line with SEC Guidelines
In an era where the complexity of risks continuously escalates, the integration of operational risk management (ORM), IT risk management (ITRM), enterprise risk management (ERM), and governance, risk, and compliance (GRC) technologies within the broader umbrella of Integrated Risk Management (IRM) has never been more crucial.
ERP and IRM Take Similar Paths to Shape the Modern Business Landscape
While ERP has traditionally unified core business functions — from financial management and supply chain operations to human resources — IRM is achieving a similar integration for risk management disciplines, including operational risk management (ORM), IT risk management (ITRM), enterprise risk management (ERM), and governance, risk, and compliance (GRC).
AI Risk: What Every Board Member Needs to Know
Artificial Intelligence (AI) is a double-edged sword, offering both unprecedented opportunities and complex challenges. As boards and executives grapple with the rapid advancements in AI, they must navigate a landscape fraught with both promise and peril. This article aims to equip board members with key AI insights from a recent report by the National Association of Corporate Directors (NACD) and the Data & Trust Alliance, as well as a keynote address by John A. Wheeler at AuditBoard's Audit+Beyond event.
The Convergence of Cybersecurity and Operational Risk: Lessons from the Clorox Breach
The Clorox cyberattack, which led to a whopping 20% drop in shares since August, highlights the ripple effect a cybersecurity incident can have on operational processes. Here, a technology-centered vulnerability impacted the company's operational capabilities, and consequently, its market value. Such setbacks not only disrupt the daily functioning of an organization but can tarnish its reputation and erode stakeholder trust.
How Integrated Risk Management Helps Businesses Comply with California's New Climate Laws
California is setting a new regulatory precedent with the passage of Senate Bill 253 (SB 253) and Senate Bill 261 (SB 261), collectively aimed at enforcing climate-related disclosures among large companies. These pioneering laws pave the way for a national wave of similar regulations, including pending rules from the Securities and Exchange Commission (SEC). In the midst of this regulatory shift, Integrated Risk Management (IRM) emerges as a crucial methodology for comprehensively managing the complexities of climate-related disclosure.
Synchronized Visions: How Deloitte and Wheelhouse Advisors Illuminate the Future of IRM
As I survey the current literature and thought leadership on integrated risk management (IRM), it becomes increasingly clear that this discipline is entering a pivotal era. Both Wheelhouse Advisors and Deloitte have recently offered robust frameworks illuminating different facets of IRM.
From Brakes to GPS to Telematics: The Evolution of Modern Internal Audit
In the rapidly evolving landscape of risk management, the role of internal audit is shifting from merely being the "brakes" or a "navigation system" within an organization to something far more dynamic and nuanced. Drawing on the technology of telematics systems, which blend telecommunications and informatics to guide insurance risk assessment, this article explores how internal audit can similarly offer data-driven insights without intruding on managerial autonomy. As we venture into this new era, internal audit's role isn't just about guiding or stopping; it's about gathering, analyzing, and integrating data to inform risk management.
The ESG Controller in the Age of Regulatory Shifts and Integrated Risk Management
The rapid evolution of the ESG Controller role underlines the pressing need for organizations to standardize and validate their ESG reporting processes. Recent data from AuditBoard reveals substantial gaps in ESG program readiness, further emphasizing the critical function of ESG Controllers in mitigating compliance risks. Integrated Risk Management technology offers a pathway to bridge these gaps, ensuring that companies are compliant and better positioned to navigate an increasingly complex regulatory landscape.
Beyond Traditional Boundaries: The Shift from GRC to Integrated Risk Management - An EY Perspective
Risk management is stepping beyond traditional boundaries, and the shift from GRC to Integrated Risk Management (IRM) is central to this new era. But what does this mean for today's organizations, and how can we make the transition effectively?
Bridging the Security Gap: Integrated Risk Management’s Response
In response to recent comments by Palo Alto Networks CEO Nikesh Arora on the need for rapid, modernized cybersecurity defenses, John A. Wheeler emphasizes the crucial role of Integrated Risk Management (IRM). John draws from his extensive expertise to highlight the four key benefits of IRM: a unified view, intelligent resource allocation, streamlined compliance, and strategic future-proofing, addressing both the challenges and solutions in today’s evolving threat landscape.
Charting the Future of Risk: The 2023 IRM Navigator™ Technology Market Reports
Risk management has become a paramount concern for organizations across industries in an era of rapid technological advancement, globalization, and ever-shifting regulatory landscapes. The growing business complexity and interconnectivity demand an integrated approach, propelling Integrated Risk Management (IRM) into the spotlight. IRM is no longer an option but necessary, shaping the contours of resilience, compliance, performance, and assurance.
The Future of Cybersecurity: Navigating NIST CSF 2.0 with IRM
In the complex and ever-changing cybersecurity landscape, the NIST Cybersecurity Framework (CSF) 2.0 emerges as a beacon for organizations striving to manage and mitigate cybersecurity risk. Integrated Risk Management (IRM) technology plays a pivotal role in this journey, bridging the gaps between various risk management disciplines and fully integrating cybersecurity risk with Enterprise Risk Management (ERM).
Four IRM Tips for Conquering the Biggest Accounting Experiment in 100 Years
We must go beyond the traditional Governance, Risk Management, and Compliance (GRC) approach focusing on compliance risk to address these new sustainability risk disclosure requirements. While GRC is a critical component of risk management, focusing solely on it can limit our view of specific regulatory mandates, often missing the "bigger picture" of strategic risk. Integrated Risk Management (IRM), on the other hand, incorporates GRC but goes further. Here are four tips to help companies succeed.
EU Commission's Final Rules on Corporate Sustainability Disclosures: A Focus on Materiality and Global Alignment
On July 31, 2023, the European Union's executive body finalized the rules for corporate environmental, social, and governance (ESG) disclosures, confirming earlier moves to ease the requirements. This decision aligns with European Commission president Ursula von der Leyen's pledge to cut red tape across the EU executive's work this year, as companies have expressed concerns about the mounting cost of environmental rules.
Decoding the New SEC Cybersecurity Rules: Material Incident Reporting and Risk Management Disclosures
The Securities and Exchange Commission (SEC) recently adopted new rules to enhance and standardize public companies’ cybersecurity incident reporting and risk management disclosures. These rules, effective in December, represent a significant shift in the regulatory landscape. Companies must act now to ensure they are prepared, and Integrated Risk Management (IRM) can play a crucial role in this process.
Navigating Cybersecurity: The SEC's New Disclosure Rules and the Role of Integrated Risk Management
In response to the escalating significance of cybersecurity threats in today’s digital era, the Securities and Exchange Commission (SEC) has set the stage for a major transformation in corporate cybersecurity disclosures. Integrated Risk Management (IRM) can serve as the perfect ally to companies as they adapt to these changes.
The Dunning-Kruger Effect in Humans and Its Echo in AI: How IRM Can Help
Artificial Intelligence (AI) has become pervasive in our society, transforming how we work, communicate, and solve problems. However, it’s not immune to the cognitive biases that its human creators hold. An intriguing example is the Dunning-Kruger effect, a cognitive bias in humans that can inadvertently permeate AI systems, posing unique risks.
Integrated Risk Management: The New Frontier in COSO-Driven Sustainability Reporting
In contrast to the traditional GRC approach, an Integrated Risk Management (IRM) approach offers a more comprehensive and strategic perspective on sustainability reporting. It provides a structured approach to managing the broad spectrum of risks associated with sustainability, including performance, resilience, assurance, and compliance risks.
RiskTech News Updates
